Proposal for a Human Authorship Verification Service: Or, how to Survive the LLM Bullshit Apocalypse
NOTE: this is a working draft, not a finished product. feel free to contact me with constructive feedback, but please do not quote or distribute this draft, although you may link to this page, which will be updated.
Abstract
Suppose you want to know with confidence who wrote a book or an essay, and you want to know your copy is as it was written by the author. Suppose it’s the future and the world has been ravaged for decades or centuries by advanced large language model (LLM) artificial intelligences (AIs), unscrupulous AI-assisted human plagiarizers, intellectual property cyber-thieves and saboteurs. How would you do that? What systems would need to be in place in order for you to have the right kind of evidence? Humanity currently lacks such systems, and consequently we face the existential cultural and intellectual risk of losing our entire record of human writing, not to flames as when Caesar burned the Great Library of Alexandria, but in a flood of LLM-generated text that makes it difficult to confidently identify human writing—I’ll call this scenario the “LLM Bullshit Apocalypse.” This essay will explore the nature of the problem and what is at stake, and sketch the design of a solution, the Human Authorship Verification Service, highlighting the technical and social challenges.
As the world’s pool of written knowledge (text) becomes inundated with text generated by increasingly sophisticated large language model (LLM) artificial intelligence (AI), it will become harder and harder to distinguish human writing from LLM-generated imitation. Today, the ability of humans to identify human writing is grounded in experience; everyone alive has much more exposure to it than to LLM-generated text, so the latter is usually quickly identifiable in an intuitive way, unless it has been carefully selected and curated by a human. LLM text just ‘feels’ or ‘smells’ wrong or unnatural; it lacks precisely that ‘human’ solidness or coherence. The feelings of uncanny-valley dysphoria that result from viewing AI-generated images of obscene seven-fingered sausage hands and the like are grounded in the fact that we still get much more exposure to real hands. Until humans start uploading themselves, their meat-space hands will remain as perceptual touchstones. But if nearly all interaction with written language is generated or mediated by LLMs, or might be in a way that renders human attribution unreliable, we will lose that touchstone of humanity for our sense of written language.
Collective human self-knowledge
Text written by a human is a text-representation of lived human experience and the intention to communicate as an author with a reader. Text generated by an LLM is not. Although it is chosen by the model to resemble as closely as possible a text that a human might have written, it is chosen without that grounding human reality—there is no human experience that corresponded to the creation of the text. This difference is significant even when it can’t be detected.
This is problematic because when humans read, we naturally interpret what we read as communication, inferring an intention and a mental frame or consciousness behind it. When we read human writing, we learn something about whatever the author was saying, but we also learn something about the author, and about human consciousness.
Injecting a layer of normalizing influence into human-authored text with LLM editing tools makes it more generic, losing some of its individual expressiveness.
When we read AI-generated text being passed off as human writing, something more significant happens: we are subconsciously tricked into inferring a nonexistent human experience. This is very different from a context where we deliberately choose to use an LLM as a tool by giving it prompts; in this case, we are in a position to interpret responses for what they are, attempts to predictively generate useful text, not acts of communication. Reading an entire text produced by an LLM presents us with the natural and irresistible—but false—implication of an experience of intending to communicate some meaning to us. We take the text to reflect someone’s coherent understanding of the world, and we try to update our own understanding to accommodate and reflect it; even if we don’t agree, we’ve learned that someone else has this understanding, that the world includes this perspective. But in fact, there need be no such perspective, because LLMs are not language users, do not understand or communicate or have perspectives. LLMs are powerful tools, and generated texts can be useful in many ways, but such texts do not imply logical, empirical, or psychological coherency. For this reason, they should be clearly distinguished from human writing.
Objections:
- embrace it, people will just interact with LLMs instead of writing in the future
- ok, but it will never stop being important to avoid feeding LLMs their own poo (or is that right, if you can evaluate quality?)
- just evaluate quality and don’t worry about authorship
But the proliferation of LLM-generated text without clear distinction from human writing confronts readers with a dilemma: either let down our guard to AI, or mistrust all text. In either case, our ability to psychologically connect through the written word, to learn about each other, to gain a sense of human consciousness in both its invariant essences and its tremendous diversity, is compromised. I suspect that in the future, it will be considered a human right to know whether text (or images, sound, video, or other media) was generated by a human or an AI. The European Union’s Artificial Intelligence Act requires companies to inform users when they are interacting with chatbots or viewing AI-generated audio or video content, and the United States’ proposed AI Labeling Act would impose similar requirements. However, while this is also important, prohibiting malfeasance cannot be counted on to prevent it. We ought instead to consider positive solutions that can more robustly protect what we actually care about, rather than relying on corporations’ fear of being punished.
Much of our access to human nature outside of those we talk to face-to-face is mediated by this process of reading and inferring the experience of another person at another place and time. This process gives us knowledge not just of ‘facts’ about ‘the world’, but of different authors’ subjective psychological responses.
At a high level, the distinction between LLM-generated and human-authored texts is critical because to lose the distinction is to lose the precision with which the sum of all known texts represents human experience. That would blur and distort collective human self-knowledge the way AI image generators blur and distort human hands and faces. (In fact, many people do prefer images of themselves that are distorted by AI filters to be more generic and less individual.)
Consider everything we as humans collectively know about human experience, i.e. our collective self-knowledge. This isn’t all written, but written language accounts for a lot of the contents. Everything that’s more than a few generations removed is written, plus pictures and videos (authors of these media face a very similar, parallel authenticity problem to that faced by text—most of the discussion here will apply in these cases as well; I limit the conversation to text for simplicity).
Maybe for some of the text, it doesn’t matter because it would have been bullshit anyway, so AI bullshit is no worse than human bullshit.
But for lots of text, this is not true. For poetry, philosophy, science, policy… It does matter. A poem that communicates artistic intention grounded in human experience has value that an LLM-generated poem does not, even if nobody can tell the difference. It is incredibly valuable to capture this difference, particularly as it gets harder and harder to tell.
Science/Research
Research in all fields relies on a network of trust in the authenticity of journal articles, books, datasets, and other text as a representation of the human thought and labor that went into producing it. This is what makes the accumulation of knowledge over time possible through research; people build on, test, refine, and revise each other’s understandings of the world in an ongoing, self-referencing, self-constructing process-network of cognition, practice, and communication. Being able to read a text and follow a trail of references to know what the author was reading, thinking about, and responding to is critically important for research across the sciences and humanities. The LLM Bullshit Apocalypse threatens to undermine the possibility of research by making it difficult to identify genuine research in a proliferation of fake research, that is, documents that convincingly imitate the text output of research, including data, metadata, and citations.
The current solution to the problem of canonical reference is the DOI system, which provides canonical handles for publications. However, the responsibility for maintaining the availability and authenticity of the text referred to by the DOI falls to the publisher, usually a corporation. A text’s DOI by itself provides no evidence; essentially it just refers to a statement by the publisher about where to find the thing referred to. Upon finding a document at the URL listed in the DOI metadata, should one be confident in its authenticity? That confidence should be proportional to one’s trust in the publisher; this should not be absolute. There currently also exists a nexus of preprint servers and institutional repositories that represent a ‘gray market’ in publishing. While this empowers authors and knowledge communities to bypass the profit-driven siloing of knowledge by publishers, and introduces checks against the ability of publishers to censor or tamper with publications, it is inefficient and imperfect.
Economically, this system creates an arms race: corporate publishers maintain the authenticity/authority of their texts by destroying competing distributions of their records, which creates a black market of pirated texts, and a state of affairs where most of the world only has access to pirated copies that lack the authenticity guarantee.
The current system also puts publishers in charge of editorial validation of authors’ identities, detection of plagiarism and illicit LLM usage, and policing in the form of post hoc retraction where problems are discovered. Academic journals face an authorship verification crisis in the form of an assault on the publication system by AI-assisted plagiarism and fraudulent research. This root issue is at least as much an indictment of the publish-or-perish desperation and economic injustice in academia as it is an issue about technology; this is a system where journals reap profits by selling the unpaid editorial work required of junior academics as ‘service to the field’ back to universities (including publicly funded ones) at exorbitant prices that are essentially intellectual ransoms, since each publisher has a monopoly on the content that it owns. Hence the very same demographic of junior researchers pressured to publish no matter what is also responsible for policing its own publication integrity. However, this problem is beyond the scope of the current article.
In any case, in the long term, publishers following current methods cannot be depended upon to provide future generations with accurate, authoritative information about authorship and text authenticity. This system is poorly architected for long term success, relying on corporate knowledge vendors as coercive deterrers of fraud. The ability of a publisher to enforce its claims is mediated by governments as actual enforcers of the law, as well as by its own legal resources and financial motivations, so a lot of fraud will go uncorrected. If a publisher is hacked, there is no way to recover and subsequently prove authorship and canonicality. This information is an essential public good and requires a global, decentralized solution.
But what about the idea that some science can be done without writing at all, that well-designed LLMs could allow readers/consumers to access scientific work presented by the authors in the form of primary data from experiments or analyses plus methodological metadata?
Ok, but this doesn’t actually remove the need for canonically human authored texts…
News
The ability to distinguish news stories that reflect accurate on-the-ground reporting or well-intentioned expert analysis from AI- or human-generated mis- or disinformation is critical.
The Fact protocol is being developed as a form of distributed fact checking: https://fact.technology/files/2022/05/Fact-Protocol-White-Paper-Q2-2022-signed.pdf
Commercial considerations
Consider copyright disputes, or cases where you want to show that a contract or similar document was written by a particular person. We have notary systems and the like for that today, but if we could solve it in a decentralized way as part of this broader text-authentication problem, so much the better; the system might provide that as well. Authenticating contracts and similar documents is adjacent to, in many ways overlapping with, and in some ways identical to, the problem of proving authorship of a book or other creative and intellectual work.
LLM development
LLMs (and other generative models) die when they eat their own poo: https://www.lightbluetouchpaper.org/2023/06/06/will-gpt-models-choke-on-their-own-exhaust/
There is also an impetus for the project of distinguishing human from LLM-generated text that comes from LLM development itself. LLM makers are freaked out that they can’t get people to stop using LLMs to do the human work of training and shaping the next LLMs; for that work, it is important that the model consume text that was not written by an LLM.
The Problem
LLM text is hard to detect https://cmns.umd.edu/news-events/news/ai-generated-content-actually-detectable
So suppose you want to know who the author of a book is, or taking things in the other direction, you want to find a particular text that you already know was written by a specific person, and know with confidence that the text is authentic, as written by the author. Call the former problem ‘authorship attribution’, and the latter ‘canonicality’. How do you do this today? If you find a paper book, especially one that looks a bit old and worn, you can pretty safely assume that it was not written by an LLM, simply because LLM technology has not been around that long. If the book is intact and seems to be of decent quality, you can assume with some confidence that it was in fact published by the listed publisher. If the publisher seems reputable, you can assume with some confidence that it was written by the listed author. If you trust the listed author and the social systems and institutions in which they work, you can assume with some confidence that it was written by them, rather than stolen from someone else. Of course, none of this confidence is perfect. The book could be a clever forgery by an individual or small shop in a way that would require expertise to detect. The publisher itself may have committed theft and fraudulent attribution of authorship; publishing houses are not held to high standards of security or accountability, so it is difficult to know. So your evidence depends on trust in publishers, which presumably rests on the community of readers to detect and complain about fraudulent publication in order to keep publishers honest—and also on the assumed difficulty of faking books of the quality produced by a major publisher. Publishers are expected to actively guard their authority by using lawsuits to punish infringement of their exclusive rights to publish certain things.
If what you have in hand is a DOI rather than a paper book, you don’t have to worry about the book itself being a forgery (not printed by who it says), since you can access it digitally, directly from the publisher, but the rest of the chain comes down to trust in the publisher, who has total control from that point with little accountability or transparency. If the publisher, or a bad actor who has compromised the publisher, censors or tampers with the document, you have no way to know and no way to recover author attribution or canonicality.
Sometimes author identity is obscure. Authors have falsified their own identities, such as the numerous authors of European descent who have lied about a Native American lineage in order to profit by spreading misinformation under a false claim to personal authority (https://en.m.wikipedia.org/wiki/Pretendian). Shakespeare is a well-known example of contested authorship attribution. Was he a singular prodigious genius whose style varied a lot over a huge body of work (and if so, who was he?), was he a producer who took credit for others’ work in his own lifetime, or was his identity used by one or more other writers as a pseudonym? Attributing authorship to ancient writers like Hypatia, Zhuang Zhou, or Moses becomes increasingly uncertain as supporting evidence becomes more scant. Further, the authorial meaning of a present text-representation of ancient writing can only be attributed to an author through a layered series of translations, interpretations, and reconstructions of context, making it in fact a collaborative creative project distributed across time and space. A text may also vary substantially from part to part in terms of how confident we can be in its authenticity and provenance.
In the future, will scholars look back with such uncertainty at writing from the 21st century? How can we provide them with something better than our ancestors gave us—indeed, how can we avoid losing the historical text record we now have in a deluge of LLM-generated content?
In short, we do not have in place a coherent solution. Our current system has many single points of failure, and depends on a predictably undependable nexus of decision making and enforcement among many parties. This old way of doing things is already inadequate to the reality of a world where most text is digital, and totally incapable of scaling to meet the potential LLM text-pocalypse.
A solution: The Human Authorship Verification Service
The old systems for verifying authorship and canonicality are not built securely or with long term reliability in mind, nor do they scale adequately to an LLM-haunted world.
We’ve identified several drawbacks with the current system, from which we can derive requirements for a solution:
1) Signs of authenticity are not self-proving; they must be enforced by publishers. Readers must rely on the honesty, motivation, and competence of publishers in accurately attributing authorship, accurately and comprehensively publishing source material, and policing fraudulent use of their (the publisher’s) logo and other signs of authenticity by those trying to pass off inauthentic texts.
2) The current system is subject to entropy. If publishers fail or stop caring to police text authenticity, knowledge of authenticity may be irreversibly lost.
3) Publishers are responsible for maintaining their own security in variable, ad hoc ways that depend on their motivations and resources.
4) Publishers decide what texts deserve canonization (protection from fraudulent distribution), largely based on what is profitable for them, although most publishers also profess a certain mission, and there are non-profit publishers, such as Project Gutenberg and the Wikimedia Foundation. The principle that it is not in the public interest to make corporate entities into single points of failure in a trust system is beyond the scope of this article to argue.
A better solution would establish authenticity verification as a universal, freely available service, allowing end-users to effortlessly discriminate authentic from inauthentic texts.
We need a system-level solution, scalable and robust, immutable, relying on distributed trust and governance models that protect this public good from profit-motivated censorship, sabotage, knowledge-siloing, and other forms of exploitative malfeasance. This solution must be built to last, capable of carrying forward into the future and surviving conditions of LLM proliferation and evolution, assault by bad actors, and the general chaos of an uncertain world. Humanity currently lacks this. This essay will consider what such a solution would entail, what systems one would need to have in place to know with confidence that a particular human author (and not an LLM impersonating them or another human) was genuinely the author of a correctly reproduced text.
Essentially the solution must have the following aspects:
- immutable authorship records with distributed trust
- Graded confidence assessments based on a rich, multimodal, open-ended evidence base
- authorship process proofs
- automated analysis for LLM and plagiarism detection, and stylometric authorship verification
- independent post-hoc auditing of authorship proofs and automated scans
- Built-to-last Architecture
- Funding (must not incentivize hacking)
- Governance
- Energy
Immutable, distributed authorship claims
Possibility of fraud by authors, publishers, or tamperers. Requires authorship evidence, supporting evidence, and immutability. Attestation on a public blockchain guarantees that the timestamps are right and the contents of the records can’t change. It is similar to having a book cover that you know was created when it says it was and has never been changed, which gives you quite a lot of information. This means you don’t have to trust publishers not to lie about the date or change the contents; you rely on the distributed trust model of the Ethereum blockchain.
Now, you can’t put the whole book on the blockchain, because immutable storage is incredibly expensive, as it should be, since the data will be preserved forever. But you can use a truly wonderful computational technique called Merkle tree hash verification to compute a small byte string called a ‘root hash’ which allows you to prove that any of a certain set of chunks of data really is in the original text, up to and including matching the whole text. By creating a blockchain attestation that holds a root hash for a text, we can make immutable public claims about the text by referring to its contents through provability: matching the hash proves the authenticity of part or all of the text. However, someone still needs the text itself, which must be stored off-chain. One solution is to include a storage address for a place where the text is intended to be found; IPFS provides the obvious choice, as an immutable distributed file storage system, which can prevent the true text from being lost. However, just having the Merkle root hash on-chain is helpful if texts are available and the problem is to find a genuine (non-corrupted) copy. If the text is partially corrupted, it can be validated in chunks, and the correct version might even be ‘mined’ out of the hash by guessing variants until a match is found. The chunking is crucial: only if a chunk was hashed into the tree can it be verified against the root hash, so when performing the hashing you decide which chunks will be verifiable.
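To make the mechanics concrete, here is a minimal Python sketch of the chunk-and-hash idea. The paragraph-level chunking and SHA-256 choices are illustrative assumptions, not a proposed standard:

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def merkle_root(chunks: list[bytes]) -> bytes:
    """Compute a Merkle root over the leaf chunks of a text."""
    level = [h(c) for c in chunks]
    while len(level) > 1:
        if len(level) % 2 == 1:       # duplicate the last node on odd-sized levels
            level.append(level[-1])
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def merkle_proof(chunks: list[bytes], index: int) -> list[tuple[bytes, str]]:
    """Collect the sibling hashes needed to prove that chunk `index` is in the tree."""
    level = [h(c) for c in chunks]
    proof = []
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        sibling = index ^ 1           # the paired neighbor at this level
        proof.append((level[sibling], "left" if sibling < index else "right"))
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return proof

def verify_chunk(chunk: bytes, proof: list[tuple[bytes, str]], root: bytes) -> bool:
    """Check a single chunk against the (on-chain) root hash."""
    node = h(chunk)
    for sibling, side in proof:
        node = h(sibling + node) if side == "left" else h(node + sibling)
    return node == root

# Example: chunk a tiny stand-in text by paragraph, attest to the root, verify one chunk.
text = "Call me Ishmael.\n\nSome years ago, never mind how long precisely.\n\nIt is a way I have of driving off the spleen."
chunks = [p.encode("utf-8") for p in text.split("\n\n")]
root = merkle_root(chunks)            # this 32-byte value is what goes in the attestation
proof = merkle_proof(chunks, 1)
assert verify_chunk(chunks[1], proof, root)
```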
Storing an attestation with these pieces of information (the root hash together with an IPFS address, which itself points to an immutable record containing the entire text) creates an immutable record that allows future users to know that a claim to a given text was made by a given person at a given time. This is similar to a tamperproof, unfakeable book cover that can’t lie about who the publisher is, without the publisher having to worry about fraudulent inexact copies; readers and authors don’t have to rely on publishers to preserve this information.
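Concretely, the attestation payload might look something like the following sketch; the field names and types are hypothetical, just to show how little actually needs to live on-chain:

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthorshipAttestation:
    """Illustrative on-chain attestation payload (field names are hypothetical)."""
    author_id: str        # e.g. the author's public address or decentralized identifier
    title: str            # human-readable label for the work
    merkle_root: str      # hex root hash of the chunked text (see sketch above)
    ipfs_cid: str         # content address where the full text is intended to live
    claimed_at: int       # timestamp of the claim (in practice taken from the block)
    proof_refs: tuple[str, ...] = ()   # pointers to any authorship-process proofs

# The attestation itself is small and cheap to record; the text stays off-chain on IPFS,
# and the Merkle root lets anyone check that what they fetched is exactly what was claimed.
example = AuthorshipAttestation(
    author_id="0xAbc...",              # hypothetical address
    title="Example Essay",
    merkle_root="9f2a...",             # output of merkle_root() above
    ipfs_cid="bafybeih...",            # hypothetical IPFS CID
    claimed_at=1735689600,
    proof_refs=("ipfs://bafy.../git-history-proof",),
)
```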
But it doesn’t solve a bunch of other problems relating to whether the one making the authorship claim is the ‘real’ author.
It would cost something like $25 million to put Moby Dick on Ethereum, so you can’t just put the whole text up there. But you can put up the verification hash and an address on the InterPlanetary File System (IPFS), the distributed file store that goes nicely together with blockchain storage. So you put the text up on IPFS and record an attestation with the Merkle tree root hash, basically saying, “I wrote this text that’s at this address.”
Evidence of authorship
So it’s sometime in the future. I want to read a paper or a book about such-and-such topic, and I want to know that it was written by a human and not by an AI. I want to know when it was written and by whom, so I can see what else they’ve written. How can we make this possible without having to rely on libraries or publishers as private, single-point-of-failure brokers of authenticity information?
Evidence of authorship is handled in three independent application layers:
- Authorship Process layer: authors themselves can voluntarily submit rich datasets offering evidence of their personal involvement in the creation of the text.
- Independent Validation layer: third parties acting as independent brokers of validation work and trust can perform scans, audits, and investigations designed to detect LLM-based and other plagiarism, thereby establishing high trust in vetted authorship claims. Every validation adds a degree of evidence for human authorship, recorded on the L2 chain as an attestation.
- Assessment layer: existing evidence of all sorts is aggregated by assessors to establish an authenticity confidence profile for the text, which can be queried and summarized by readers/users in order to be confident in what they are reading.
Authorship Process
As an author, you submit a set of proofs: evidence that you did, in fact, write this text. Not just an attestation that says “here’s the text and here’s my word,” but a claim backed by some sort of proof. For now, keep the question of what counts as proof open. Assume there are different kinds of proof, that not everyone will want to offer the same kinds, and that different kinds (and combinations of kinds) offer different degrees of evidence, suited to different use cases, security levels, and levels of trust. An author can voluntarily submit proofs at the same time they claim authorship: “I wrote this text, and here’s a set of proofs to back it up.” Proofs can also be offered afterwards, but epistemically it’s stronger if the proofs accompany the text, because then there is a single immutable record saying: here’s the proof, here’s the text, and both exist at this time. So there’s the initial claim, “I wrote this text, here’s some proof,” and then we can start to think about what kinds of proof there could be.
So what could they offer? Something like a git history showing that they were working on earlier versions of the idea: a rich git history with lots of different versions of the idea being kicked around. That seems like it could offer additional evidence, a richer trail of intellectual discovery, so to speak, for the ideas. I’m assuming that such a git history can’t be faked after the fact by an LLM; I suspect that’s difficult to do convincingly, but I don’t really know if anybody’s looked into that.
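For instance, here is a rough sketch of how a git history might be boiled down to a small digest that an authorship proof could reference. It assumes git is installed and the manuscript lives in a repository; the digest format is made up for illustration:

```python
import hashlib
import subprocess

def git_history_digest(repo_path: str = ".") -> str:
    """Fingerprint a repository's commit history (hashes, timestamps, authors)
    so it can be referenced from an authorship-process proof."""
    log = subprocess.run(
        ["git", "-C", repo_path, "log", "--reverse", "--format=%H %at %an"],
        capture_output=True, text=True, check=True,
    ).stdout
    # Hashing the ordered commit list yields one small value that can be attested
    # on-chain; the full history itself can be archived (e.g. on IPFS) for auditors.
    return hashlib.sha256(log.encode("utf-8")).hexdigest()

if __name__ == "__main__":
    print(git_history_digest())
```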
Okay, so what else? As a thought experiment, imagine the oracle as a little robot that sits by the author and hangs out in the room while they write the whole text. The little oracle robot videotapes them constantly, listens, maybe collects biometric data on the person, and watches every keypress they make on the computer. Nobody would want that oracle in the room, because being under constant surveillance is terrible, and any author is going to want to be in control of all that data and have it be private. And yet, assuming their authorship was genuine, an author might be willing to go to great lengths to prove it. So ideally the data would be provided in a way that could be scanned by an oracle that could then attest to it without making the data public; the attestation can be public, and maybe the data is stored privately for the use of future oracles. Basically, as part of your authorship proof you can offer artifacts that contain authorship data, but that data has to have been recorded in a way that was trusted somehow, and that’s an interesting problem that depends on the kind of data. Maybe you really would want a video camera in your studio or office while you’re writing, on the assumption that nobody is ever going to watch it except as part of one of these authorship audits. All of this would be author-submitted, voluntarily, so even if you videotape yourself writing your whole book, you can go back and subtract some of it before you submit. A large video log together with keypress data could be a lot of evidence, but that much video is computationally onerous. The keypresses are more to the point: keypress data plus biometrics, say a smartwatch that carries your biometric signature and can correlate your actual keypress data with accelerometry, would be very high-grade evidence of authorship, and honestly it could be less identity-revealing than video, so that seems promising. Once the system is in place, authors can submit that kind of thing. So there are authorship proofs, scanning proofs, and then all these attestations get rolled up onto immutable records.
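One way such keypress and wearable session data could be made tamper-evident without being made public is a hash-chained log: each entry commits to everything before it, so the log can’t be quietly rewritten after the fact, and only periodic chain heads ever need to be attested. A rough sketch, with event fields invented for illustration:

```python
import hashlib
import json
import time

class KeystrokeLog:
    """Hash-chained log of writing-session events (keystrokes, wearable readings).

    Each entry's hash commits to the entire history before it, so the log cannot
    be reordered or edited later without breaking the chain. The author keeps the
    raw log private; only periodic chain heads need to be attested publicly."""

    def __init__(self):
        self.head = hashlib.sha256(b"genesis").hexdigest()
        self.entries = []

    def record(self, event: dict) -> str:
        entry = {"t": time.time(), "event": event, "prev": self.head}
        self.head = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self.entries.append(entry)
        return self.head          # value to timestamp or attest periodically

# Hypothetical usage during a writing session:
log = KeystrokeLog()
log.record({"key": "C"})
log.record({"key": "a", "wrist_accel": [0.1, 0.0, 0.2]})   # correlated wearable data
checkpoint = log.record({"key": "l"})
```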
Third party analysis
Essentially we can think of a totally separable L2 application layer dedicated to managing post-hoc validation performed by independent parties. This can include automated scanning or human investigation. Critically, the data for these investigations can include not just the public document being validated, but semi-private data included in authorship proofs.
The validation is handled by off-chain services that act as oracles, making attestations on the L2 chain about their findings of scans, audits and investigations into authorship claims and proofs.
these need to be worth it energy-wise!
This attestation data is queryable by the Assessment Layer.
AI and Plagiarism Detection:
- Implement AI-detection and plagiarism-detection tools (like the GPT-2 Output Detector) as oracles that scan texts and provide attestations regarding the originality and authenticity of the content.
- These oracles can generate evidence that strengthens authorship claims by identifying whether the text was likely generated by an AI or contains plagiarized content.
- Stylometric analysis: this can be automated or human-expert assisted; either way it results in an attestation.
We can bracket off a set of oracles (‘oracle’ is the crypto term for anything that is not computed on the blockchain itself, i.e. not part of the deterministic logic of the app). On-chain logic has to meet the blockchain’s very strict standards of efficiency, so it has to be pretty simple; anything else comes in from an oracle. That will always be the case for plagiarism detection, because that is expensive compute that is never going to be performed on the blockchain. So there will be some set of trusted entities, to whom some level of trust is delegated, that can detect plagiarism. One of these tools scans a text and gives some kind of probability estimate of whether it was plagiarized or AI-generated, and we can think of the plagiarism-detection model or provider as an attester: as texts go through the scans, this generates attestations that provide evidence, depending on what the model is. If a simple AI-generation detector attests that this text was not generated by the models it knows about, at such-and-such a scan time, we may find that attestation useful. If the text was submitted at time X and not long after was scanned by the best cutting-edge AI and plagiarism detectors around at the time, and they attest that the text was not generated, that gives us evidence that at that time it wasn’t, which increases our confidence in the authenticity of authorship. That can be true even if the scan was performed later, but it depends on the version of the model: you want your AI and plagiarism detection to be looking for the kinds of models that the author could have used at the time they submitted the text, so that information has to be correlated.

So that’s another layer of the platform. Authors submit texts, and auditors and AI scanners, these plagiarism-detection oracles, come through making attestations and increasing our level of confidence in various texts as they get scanned. Going back to the idea of authorship proofs: what else could the author have provided at the time? We can think of another set of oracles, ‘author helper’ oracles, that the author can use to provide more evidence than just their word and the fact that they gave their identity when they submitted the transaction and then didn’t challenge it during the challenge period (if we’re using optimistic rollups or something like that, there’s a challenge period).
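To make the scan attestations just described concrete, here is a sketch of what such a detection-oracle payload might contain. The detector is a stand-in function rather than any real tool; the key point is that the record pins the detector version and scan time so future assessors can weigh it against the models an author could have used:

```python
import hashlib
import json
import time

def run_detector(text: str) -> float:
    """Stand-in for an AI-generation / plagiarism detector.
    Returns a probability that the text was machine-generated."""
    return 0.03  # placeholder score; a real oracle would call an actual model

def scan_attestation(text: str, detector_name: str, detector_version: str) -> dict:
    """Build the payload an oracle would sign and post to the validation (L2) layer."""
    return {
        "text_sha256": hashlib.sha256(text.encode("utf-8")).hexdigest(),
        "detector": detector_name,              # which tool produced the judgment
        "detector_version": detector_version,   # crucial: detectors only know the LLMs of their era
        "p_machine_generated": run_detector(text),
        "scanned_at": int(time.time()),
    }

payload = scan_attestation("Call me Ishmael...", "example-detector", "2025.1")
print(json.dumps(payload, indent=2))
```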
‘Authorship Authentication’ oracles
AI Detection Oracles:
- Functionality:
  - AI Tools: Deploy advanced AI detection tools to analyze text submissions, identifying AI-generated content and verifying human authorship.
  - Continuous Learning: Regularly update the AI models to adapt to new methods of AI-generated text, ensuring ongoing accuracy.
- Integration:
  - Seamless Workflow: Integrate AI detection oracles into the submission process, providing immediate feedback on the authenticity of content.
  - Collaboration with Human Auditors: Combine AI tools with human auditor oversight to enhance the accuracy of the verification process.
Assessing Aggregate Evidence
But as a user, we can think about what kinds of things the author could have offered us at the time they submitted the text, and what other kinds of evidence could strengthen our confidence, now at the time of reading, that the person did in fact author it, and authored it without the use of artificial intelligence, plagiarism of other people, or even ghostwriters. We want to know that they wrote it; maybe the strongest thing we could want to know is that they really didn’t steal the idea. How could we know something like that, if we want to get more ambitious about raising the bar of authorship?
So what happens when authors and/or tests disagree with each other? Say a test, or a new generation of tests, says LLMs wrote a bunch of texts previously held to be genuine; what happens to those texts and their authors? What if the texts were submitted 100 years earlier (and this is happening 150 years in the future)?
What if two authors submit texts with inconsistent proof-claims, ie there is evidence for inconsistent claims to authorship?
What if two authors claim ‘the same text’ i.e. highly overlapping text and there are no tests to help resolve?
Multi-authorship doesn’t seem difficult, but it should be mentioned somewhere, I guess.
I guess you just note all the bits of evidence and different clients can assess these differently.
In essence, the final assessment of confidence in an authorship claim can be thought of as a separate ‘client’ layer on top of the storage and attestation layers. Sets of lower-level assessments can be ‘rolled up’, in an informal sense, into high-level assessments by trusted human and AI assessors; most clients would then just query these high-level assessments for efficiency.
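As an illustration of what a client-side assessor might do, here is a toy roll-up of attestations into a single confidence score. The evidence types and weights are invented, and different assessment clients would legitimately choose different ones, which is part of the point of keeping assessment a separate layer:

```python
# Illustrative only: the evidence types and weights below are made up.
EVIDENCE_WEIGHTS = {
    "author_attestation": 0.2,    # the author's own signed claim
    "git_history_proof": 0.25,
    "keystroke_proof": 0.35,
    "ai_scan_clean": 0.3,
    "ai_scan_flagged": -0.6,      # negative evidence lowers confidence
    "independent_audit": 0.4,
}

def assess(attestations: list[str]) -> float:
    """Roll a bag of attestation kinds up into a 0-1 confidence score."""
    score = sum(EVIDENCE_WEIGHTS.get(kind, 0.0) for kind in attestations)
    return max(0.0, min(1.0, score))

print(assess(["author_attestation", "git_history_proof", "ai_scan_clean"]))   # 0.75
print(assess(["author_attestation", "ai_scan_flagged"]))                      # 0.0
```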
Where this really does matter and feed back into the system is with governance gatekeeping. If authors get to vote it matters existentially for the system to prevent AIs from infiltrating the pool of authors. But you also don’t want to rule out humans inaccurately/unfairly, which is just as much of a distortion of the human experience record. Generally it’s probably better to let in AI texts than to reject human texts, since AI texts can be detected and downgraded after the fact but lost human texts cannot be recovered.
Building a Solution to Last
Security
Funding
- who gets paid
  - Providers of compute and labor
    - Compute
    - Labor
  - Authors (?)
- who pays
  - Public goods funding
  - Organizations and companies that use the data; authors are in control of their data (although not in control of independent validation data)
  - Do some/all authors pay/stake, get paid???
Governance
- introducing new AI detection mechanisms
  - Critical for preventing AI authors from gaining author tokens
  - Critical not to invalidate valid authors by introducing false positives
- disputation and metabolism of error
Energy
- should incentivize green compute
As a crude first pass, authors could start recording their books on the blockchain, which would immutably show that they had claim to the text at least as early as that attestation. The first problem with this is that blockchain storage is incredibly expensive, making this utterly impractical: it would cost about $25 million to record the text of Moby Dick onto the Ethereum blockchain. But what could be recorded is a verification hash of an IPFS file.
https://en.m.wikipedia.org/wiki/The_Songs_of_Bilitis
https://www.businessinsider.com/openai-leopold-aschenbrenner-ai-essay-chatgpt-agi-future-security-2024-6?amp
And in particular, how do we think about how we want to build a system so that in the future we’ll be able to do that?
notes:
- do authors not get paid at all for submitting content/having it verified? they get voting rights but don’t get paid for adding content. you don’t want to get paid for content because that creates an incentive to spam content… we should only be processing content that has intrinsic value as a public good, although we also want to be open-minded about it. is that right though? that makes sense for authors but not for corporations… maybe there are public rollups as well as org-managed rollups… also you can have rollups roll up into a single top rollup. yeah so publishers and such might be expected to operate their own chains that roll up into the main one. you do want public-goods rollups so that everyone who wants to just be a writer gets a chance to do that, to contribute to the public store of knowledge.